Abstract: A decentralized identity access management (IAM) architecture that executes IAM service code on the distributed nodes (i.e., replicas) of a Byzantine fault tolerant (BFT) state machine replication (SMR) system is provided. For example, the IAM service code may be implemented as a blockchain smart contract or as a native execution engine that runs on each replica. With this decentralized architecture, up to f replicas (where f is a threshold number defined by the system's BFT consensus protocol) can be faulty/corrupted without affecting the security of the system.

Abstract: A decentralized identity access management (IAM) architecture that executes IAM service code on the distributed nodes (i.e., replicas) of a Byzantine fault tolerant (BFT) state machine replication (SMR) system is provided. For example, the IAM service code may be implemented as a blockchain smart contract or as a native execution engine that runs on each replica. With this decentralized architecture, up to f replicas (where f is a threshold number defined by the system's BFT consensus protocol) can be faulty/corrupted without affecting the security of the system.

Abstract: This disclosure describes aspects of parallel processing of blockchain requests, including prescreening that prevents conflicts for parallel processing. In some examples, an address is identified from a blockchain request. The blockchain request is prescreened to determine a conflict status. The conflict status is determined by comparing the address from the blockchain request to at least one address in a parallel execution batch. The blockchain request is placed in the parallel execution batch or a subsequent parallel execution batch based on the conflict status. The blockchain request is performed by parallel processing of the parallel execution batch or the subsequent parallel execution batch.

Abstract: This disclosure describes aspects of decentralized authorization and authentication for blockchain contracts. A permissioned blockchain includes requires decentralized approval of a particular number of users out of a specified set of users in order to approve permissioning rule updates for the permissioned blockchain. A signed blockchain request is received. The signed blockchain request specifies an action to perform with respect to the permissioned blockchain. Access to the permissioned blockchain is performed based at least in part on a confirmation that an action specified by the signed blockchain request approved according to permissioning rules of the permissioned blockchain.